package com.powernode.sqlinjection;

import com.powernode.commons.util.DbUtils;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

/**
 * @Author Arrebol
 * @Date 2024/8/1 23:39
 * @Project jdbc
 * @Description：
 * 使用PreparedStatement完成模糊查询操作
 */
public class JdbcTestPreparedStatement4 {
    public static void main(String[] args) {
        Connection conn=null;
        PreparedStatement ps=null;
        ResultSet rs=null;
        try {
            conn= DbUtils.getConnection();
            String fuzzyQuerySql="select * from t_emp where name like (?)";
            ps=conn.prepareStatement(fuzzyQuerySql);
            ps.setString(1,"张%");
            rs = ps.executeQuery();
            int count = 0;
            while (rs.next()){
                System.out.println(rs.getString("name"));
                count++;
            }
            System.out.println("查询到"+count+"条数据");
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            DbUtils.close(rs,ps,conn);
        }
    }
}
